Install crypto-policies package

An XCCDF Rule

Description

The crypto-policies package can be installed with the following command:

$ sudo yum install crypto-policies

Rationale

Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data.

ID: xccdf_org.ssgproject.content_rule_package_crypto-policies_installed
Severity: Medium
References: FCS_CKM.1 FCS_CKM.2 FCS_COP.1(1) FCS_COP.1(2) FCS_COP.1(3) FCS_COP.1(4) FCS_TLSC_EXT.1

SRG-OS-000393-GPOS-00173 SRG-OS-000394-GPOS-00174 SRG-OS-000396-GPOS-00176

CCE-82723-8

CCI-002450 CCI-002890 CCI-003123
Updated: about 1 month ago

Remediation Templates

include install_crypto-policies
class install_crypto-policies {
  package { 'crypto-policies':
    ensure => 'installed',
  }
}

- name: Ensure crypto-policies is installed
  package:
    name: crypto-policies
    state: present
  tags:
  - CCE-82723-8  - enable_strategy
  - low_complexity
  - low_disruption
  - medium_severity
  - no_reboot_needed
  - package_crypto-policies_installed

package install crypto-policies

[[packages]]
name = "crypto-policies"
version = "*"

dnf install crypto-policies

package --add=crypto-policies

if ! rpm -q --quiet "crypto-policies" ; then
    yum install -y "crypto-policies"
fi

Install crypto-policies package

Description

Rationale

Remediation Templates

A Puppet Snippet

An Ansible Snippet

script:kickstart

OS Build Blueprint

script:bootc

Anaconda Pre-Install Instructions

A Shell Script